<?php
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//
// DLMan by Shedd Technologies International		  				//
// http://www.dlman.com | info@dlman.com							//
// Copyright 2003 by STI, All rights reserved.						//
// ---------------------------------------------------------------- //
// Usage of this software is governed by the terms of GPL. 	    	//
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//

require_once("global.php");
ob_start();//start content buffer
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\
	if(!isset($faction)){
		?>
		<script language="JavaScript" type="text/javascript">
		//show status bar messages
		function statusbar(statusmsg){
			window.status=statusmsg
			return true
		}
		//end show status bar message function
		</script>
		<?php
		//list products available for download (all free & those that have been purchased)
		//GENERATE PAID TABLE
			print "<P><STRONG>Purchased Products</STRONG></P>";
			print table("paid");
		//GENERATE FREE TABLE
			print "<P><STRONG>Complementary Products</STRONG></P>";
			print table("free");
		//DISPLAY INFORMATION
			print "<P><b>What does this information mean?</b></P>
				<P>With this screen, you can view all products which have been purchased under 
				this account or are available for free download.&nbsp; From this screen, you can 
				edit the properties of the license, download the software, and renew your 
				access.&nbsp; You will have access to this page for the period of the license, 
				though your ability to download updates is restricted to the period defined by 
				the merchant.</P>";
	}//end no action set
	////////////////////////////////////////////////////////////////////////////
	elseif($faction=="edit"){
		if(!isset($sfaction)){
		//show complete product information
		//allow user to edit license properties (URL,Custom Fields 1-5)
			//select data from license data table
			//$ln contains transaction id (license #=md5(txn_id)
			$sql='SELECT * FROM '.$config->dt['license_data'].','.$config->dt['transactions'].' WHERE '.$config->dt['license_data'].'.txn_id='.$config->dt['transactions'].'.txn_id AND '.$config->dt['transactions'].'.txn_id=\''.$ln.'\'';
			$result=mysql_query($sql);
			$val=@mysql_fetch_array($result);
			$rows=@mysql_num_rows($result);
			//print form fields
				//get license id
				$sql="SELECT * FROM ".$config->dt['files']." WHERE id='".$file."'";
				$result=mysql_query($sql);
				$filed=mysql_fetch_array($result);
				//pull license data
				$sql="SELECT * FROM ".$config->dt['license']." WHERE id='".$filed['license']."'";
				$result=mysql_query($sql);
				$license=mysql_fetch_array($result);
				
				$opt_data="";
				//gather optional data requests
				for($i=1;$i<6;$i++){
					$act="activated_$i";
					$hl="html_$i";
					$nm="data_$i";
					$ty="type_$i";
					
					if($license[$act]=="true"){
						//revert back from htmlspecialchars
						$license[$hl]=ereg_replace('&gt;', '>', $license[$hl]);
						$license[$hl]=ereg_replace('&lt;', '<', $license[$hl]);
						$license[$hl]=ereg_replace('&quot;', "\"", $license[$hl]);
						$license[$hl]=ereg_replace('&amp;', '&', $license[$hl]);
						
						if(@mysql_num_rows($result)>0){
							//enter any existing data
							if($license[$ty]=="text"||$license[$ty]=="textbox") $html=str_replace('{v'.$i.'}',$val[$nm],$license[$hl]);
							elseif($license[$ty]=="select"){
								$html=str_replace('{'.$val[$nm].'-v'.$i.'}',"SELECTED",$license[$hl]);
							}
							elseif($license[$ty]=="radio"||$license[$ty]=="cb"){
								$html=str_replace('{'.$val[$nm].'-v'.$i.'}',"CHECKED",$license[$hl]);
							}
						}
						
						//add the HTML
						$opt_data.=$html."<br>";
					}
				}
			print "<b>This is the information associated with your license:</b>";
			//check to see if data is on file
			if($rows<=0){
				print "<br><i>No License Data on File!  Please enter it now...</i><br>";
			}
			else{
				$lsql='SELECT timestamp FROM '.$config->dt['license_data'].' WHERE txn_id=\''.$ln.'\'';
				$lresult=mysql_query($lsql);
				$lval=mysql_fetch_array($lresult);
				$lupdate=getdate($lval['timestamp']);
				$day=$lupdate['weekday'];
				$mday=$lupdate['mday'];
				$month=$lupdate['month'];
				$year=$lupdate['year'];
				$hour=$lupdate['hours'];
				$mins=$lupdate['minutes'];
				$secs=$lupdate['seconds'];
				print "<br><i>Last Updated $day $month $mday, $year at $hour:$mins:$secs</i>";
			}
			print "<form action='".$PHP_SELF."' method='post'>";
			print $opt_data;
			print "<input type='hidden' name='ln' value='$ln'>";
			print "<input type='hidden' name='faction' value='$faction'>";
			print "<input type='hidden' name='sfaction' value='medit'>";
			print "<input type='hidden' name='file_id' value='$file'>";
			print "<input type='hidden' name='loc' value='$loc'>";
			print '<div align="center"><input type="submit" value="Update"></div>';
			print "</form>";
		}//end sfaction
		elseif($sfaction=="medit"){
			//make changes to license data
			$sqlcode=array();
			//fill array
			for($i=1;$i<6;$i++){
				if(isset($HTTP_POST_VARS["name_$i"])){
					$sqlcode[$i-1]="UPDATE ".$config->dt['license_data']." SET data_$i='".$HTTP_POST_VARS["name_$i"]."' WHERE txn_id='$ln'";
				}
			}//end for
			$sqlcode[count($sqlcode)]="UPDATE ".$config->dt['license_data']." SET timestamp='".time()."' WHERE txn_id='$ln'";
			
			//process updates
			$err=false;
			foreach($sqlcode as $sql){
				$result="";
				if(!mysql_query($sql)){
					print "<p>Error in updating data!<br>";
					print mysql_error();
					print '<br><a href="';
					print $PHP_SELF;
					print '?loc=mem_down&file=$file_id&faction=edit&ln=$ln">Click Here to try again</a><br><br>';
					print "$sql</p>";
					$err=true;
				}//end error
			}//end loop
			
			if($err!=true){
				?>
					<STRONG><FONT face=Verdana size=2>All information updated.</FONT></STRONG>
				<?php
					print '<p><a href="';
					print $PHP_SELF;
					print '?loc=mem_down">Click Here to Continue</a></p>';
			}//end no error
		}//end medit
	}//end edit
	////////////////////////////////////////////////////////////////////////////
	elseif($faction=="renew"){
	
		$sql="SELECT * FROM ".$config->dt['files']." WHERE id='".$file."'";
		$result=mysql_query($sql);
		$filed=mysql_fetch_array($result);
		
		//get user's id
		$sql="SELECT ".$config->field['userid'].",".$config->field['email']." FROM ".$config->dt['user']." WHERE ".$config->field['username']."='$Muser'";
		$result=mysql_query($sql);
		$val=mysql_fetch_array($result);
		
		if($filed['update_cost']!='FREE'){
			$SYSTEM_NAME=$config->cs['title'];
			$PAYPAL_ACCOUNT=$config->cs['paypal_account'];//PAYPAL ACCOUNT NAME
			$SCRIPT_URL=$config->cs['script_url'];//TRAILING SLASH!
			$IMAGE_URL=$config->cs['paypal_imageurl'];//SSL REC!
			$PAYPAL_RURL=$config->cs['paypal_rurl'];//REFERRAL URL FOR PAYPAL
			$_2CHECKOUT_ACCOUNT=$config->cs['2checkout_account'];//2CheckOut.com Seller #
			$_2CHECKOUT_DEMO=$config->cs['2checkout_demo'];//Demo Mode? (Y or N)
			$PFL_ACCOUNT=$config->cs['payflowlink_account'];//PAYFLOW LINK ACCOUNT ID
			$PFL_PARTNER=$config->cs['payflowlink_partner'];//PAYFLOW LINK PARTNER ID
			$AUTHORIZENET_ACCOUNT=$config->cs['authorizenet_login'];//AUTHORIZE.NET ACCOUNT
			$AUTHORIZENET_TXNKEY=$config->cs['authorizenet_transkey'];//AUTHORIZE.NET TRANSACTION KEY
			$times=time();
			//calculate order variables
			$iname="$SYSTEM_NAME Product Renewal";
			$inum="AUTOMATED_RENEWAL$times";
			$icost=$filed['update_cost'];
			?>
			The cost to renew your access to this file is <b>$<?php print $icost; ?></b>.  When your renewal is processed after payment the expiration date for your access period will be reset to <?php print $filed['term']; ?> month(s) from the transaction completion date.  Please note that this period is reset - time is not added to your existing period.  Therefore, you should renew close to or after your expiration date.<br><br>
			Please use the payment link below to process your renewal.
			<?php
			//relay order to paypal
			if($config->cs['paypal_allow']=="on"){
			?>
				<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
					<input type="hidden" name="bn" value="DLMan.DLMan">
					<input type="hidden" name="cmd" value="_xclick">
					<input type="hidden" name="custom" value="<?php print $ln; ?>">
					<input type="hidden" name="business" value="<?php print $PAYPAL_ACCOUNT; ?>">
					<input type="hidden" name="item_name" value="<?php print $iname; ?>">
					<input type="hidden" name="item_number" value="<?php print $inum; ?>">
					<input type="hidden" name="amount" value="<?php print printf("%.2f",$icost); ?>">
					<input type="hidden" name="image_url" value="<?php print $IMAGE_URL; ?>">
					<input type="hidden" name="no_shipping" value="1">
					<input type="hidden" name="return" value="<?php print $SCRIPT_URL; ?>order/thanks.php">
					<input type="hidden" name="cancel_return" value="<?php print $SCRIPT_URL; ?>order/cancel.php">
					<input type="hidden" name="no_note" value="1">
					<input type="hidden" name="notify_url" value="<?php print $SCRIPT_URL; ?>order/paypal.sub.php">
					<input type="hidden" name="currency_code" value="USD">
					<input type="submit" value="Pay With PayPal">
				</form>
			<?php
			}//end paypal
			if($config->cs['2checkout_allow']=="on"){
			?>
				<form action="https://www.2checkout.com/cgi-bin/Abuyers/purchase.2c" method="post">
					<input type="hidden" name="x_Receipt_Link_URL" value="<?php print $SCRIPT_URL; ?>order/2Checkout.sub.php">
					<input type="hidden" name="x_login" value="<?php print $_2CHECKOUT_ACCOUNT; ?>">
					<input type="hidden" name="x_amount" value="<?php print printf("%.2f",$icost); ?>">
					<input type="hidden" name="x_invoice_num" value="<?php print $ln; ?>">
					<input type="hidden" name="x_Email" value="<?php print $val[$config->field['email']]; ?>">
					<?php
					//demo mode?
					if($_2CHECKOUT_DEMO=="Y"){
					?>
					<input type="hidden" name="demo" value="Y">
					<?php
					}//end demo check
					?>
					<input type="submit" value="Pay With 2Checkout">
				</form>
			<?php
			}//end 2checkout
			if($config->cs['authorizenet_allow']=="on"){
			?>
			<form action="https://secure.authorize.net/gateway/transact.dll" method="post">
				<?php
				include("./order/simlib.php");
				$loginid=$AUTHORIZENET_ACCOUNT;
				$txnkey=$AUTHORIZENET_TXNKEY;
				$cst=sprintf("%.2f",$icost);
				// Seed random number for security and better randomness.
				srand(time());
				$sequence=rand(1,1000);
				// Insert the form elements required for SIM by calling InsertFP
				$ret=InsertFP($loginid,$txnkey,$cst,$sequence,"");
				?>
				<input type="hidden" name="x_Login" value="<?php print $AUTHORIZENET_ACCOUNT; ?>">
				<input type="hidden" name="x_Amount" value="<?php print printf("%.2f",$icost); ?>">
				<input type="hidden" name="x_Invoice_Num" value="<?php print $ln; ?>">
				<input type="hidden" name="x_Show_Form" value="PAYMENT_FORM">
				<input type="hidden" name="x_Relay_Response" value="True">
				<input type="hidden" name="x_Relay_URL" value="<?php print $SCRIPT_URL; ?>order/Authorizenet.sub.php">
				<input type="hidden" name="x_Email" value="<?php print $val[$config->field['email']]; ?>">
				<input type="image" src="https://www.paypal.com/images/x-click-but9.gif" border="0" name="submit" alt="Make Payment">
			</form>
		<?php
			}//end Authorize.net
			if($config->cs['payflowlink_allow']=="on"){
			?>
			<form method="POST" action="https://payflowlink.verisign.com/payflowlink.cfm">
				<input type="hidden" name="LOGIN" value="<?php print $PFL_ACCOUNT; ?>">
				<input type="hidden" name="PARTNER" value="<?php print $PFL_PARTNER; ?>">
				<input type="hidden" name="AMOUNT" value="<?php print printf("%.2f",$icost); ?>">
				<input type="hidden" name="TYPE" value="S">
				<input type="hidden" name="DESCRIPTION" value="Purchase from <?php print $config->cs['title']; ?>">
				<input type="hidden" name="EMAIL" value="<?php print $val[$config->field['email']]; ?>">
				<input type="hidden" name="INVOICE" value="<?php print $ln; ?>">
				<input type="hidden" name="ECHODATA" value="True">
				<input type="hidden" name="EMAILCUSTOMER" value="True">
				<input type="hidden" name="ORDERFORM" value="True">
				<input type="hidden" name="SHOWCONFIRM" value="True">
				<input type="hidden" name="USER1" value="<?php print $PFL_ACCOUNT; ?>">
				<input type="hidden" name="USER2" value="SUB">
				<input type="submit" value="Pay With PayFlow">
			</form>
			<?php
			}//end payflowlink
		}//end check to make sure updates are paid
		else{
			print "There is no cost for renewing your access to this file.";
		}
	}//end renew
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\
$content=ob_get_contents();//store content to global buffer var
ob_end_clean();
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\
//FUNCTIONS
function table($mode){//mode should be Free OR Paid (equal to the permissions values)
	global $config,$PHP_SELF;
	ob_start();//start content buffer
	print '<table align="center" cellspacing="0" cellpadding="4" border="0">';
	?>
		<!--TABLE HEADER-->
			<tr>
			    <td><P align=center><STRONG>Status</STRONG></P></td>
			    <td><P align=center><STRONG>Product</STRONG></P></td>
			    <td><P align=center><STRONG>Access Period</STRONG></P></td>
			    <td><P align=center><STRONG>License Options</STRONG></P></td>
			</tr>
			<tr>
				<td colspan="4" bgcolor="black"></td>
			</tr>
		<!--END HEADER-->
		<!--PRODUCTS-->
				<?php
				//get user's id
				global $account;
				//get user email
				$sql="SELECT ".$config->field['userid']." FROM ".$config->dt['user']." WHERE ".$config->field['username']."='$account'";
				$result=mysql_query($sql);
				$v=mysql_fetch_array($result);
				
				//list the files that the user has paid for
				if($mode=="paid"){
					//select all of user's purchases from transaction log for paid
					$sql="SELECT * FROM ".$config->dt['transactions']." WHERE uid='".$v[$config->field['userid']]."' AND status='ACTIVE'";
					$result=mysql_query($sql);
					while($value=@mysql_fetch_array($result)){
						//select data from the file table for the download
						$sql2="SELECT * FROM ".$config->dt['files']." WHERE id='".$value['file_id']."'";
						$result2=mysql_query($sql2);
						while($value2=mysql_fetch_array($result2)){
							print row($value2,$PHP_SELF,$value['txn_id'],$value['update_timestamp'],$value2['term'],$value2['term_type']);
						}//end while
					}
				}
				//list free files
				else{
					//do associated	
					$sql="SELECT * FROM ".$config->dt['files']." WHERE permissions='".$mode."' AND NOT associated='NONE'";
					$result=mysql_query($sql);
					while($value=mysql_fetch_array($result)){
						if($value['associated']!="NONE"){
							//info from transaction table
							$ass="SELECT * FROM ".$config->dt['transactions']." WHERE uid='".$v[$config->field['userid']]."' AND file_id='".$value['associated']."'  AND status='ACTIVE'";
							$asr=mysql_query($ass);
							$asfile=mysql_fetch_array($asr);
							//info from file table (parent file)
							$pfs="SELECT * FROM ".$config->dt['files']." WHERE id='".$value['associated']."'";
							$pfr=mysql_query($pfs);
							$pffile=mysql_fetch_array($pfr);
							
							//verify user purchased
							$rows=@mysql_num_rows($asr);
							if($rows>0) print row($value,$PHP_SELF,"",$asfile['update_timestamp'],$pffile['term'],$pffile['term_type']);
						}
					}//end while
					
					//do plain free
					$sql="SELECT * FROM ".$config->dt['files']." WHERE permissions='".$mode."' AND associated='NONE'";
					$result=mysql_query($sql);
					while($value=mysql_fetch_array($result)){
						print row($value,$PHP_SELF,"","","","");
					}//end while
				}//end else
				?>
			<!--END PRODUCTS-->
	<?php
	print "</table>";
	$content=ob_get_contents();//store content to global buffer var
	ob_end_clean();
	return $content;
}//end function

//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\

function row($value,$PHP_SELF,$licn,$begin_date,$term,$term_type){
	global $config;
	ob_start();//start content buffer
	
	//link files to dodownload.php?action=load&file_id=FILE
	?>
		<tr>
		    <td align="center"><?php ($value['download']=='on')?print "<font color='green'>Active</font>":print "<font color='red'>Inactive</font>"; ?></td>
		    <td align="center" nowrap><div onMouseover="return statusbar('<?php ($value['permissions']!='free')?print "License: ".md5($licn):print""; ?>')" onMouseout="return statusbar('')"><font color="Blue"><B><?php print $value['name']; ?></B></font></div></td>
		    <td align="center"><?php 
			if(($value['permissions']=='free')&&($value['associated']=="NONE")){
				//do name
				print "Free";
				//define freeware timeleft
				$timeleft=1;
			}//end plain freeware
			else{//associated/paid
				if($value['associated']!="NONE"){
					$end_date=DateAdd($term_type,$term,$begin_date);
					$timeleft=DateDiff("s",time(),$end_date);
					print "Associated ( ".name($value['associated'])." )";
				}
				else{
					$end_date=DateAdd($term_type,$term,$begin_date);
					$timeleft=DateDiff("s",time(),$end_date);
					print @date("m/d/Y",$begin_date);
					print " <b>-</b> ";
					print @date("m/d/Y",$end_date);
				}
			}//end paid/associated
			?></td>
		    <td align="center"><P>
			<?php
			//EDIT LINK
			if($value['permissions']=='paid'){
				//pull license data
				$sql="SELECT * FROM ".$config->dt['license']." WHERE id='".$value['license']."'";
				$result=mysql_query($sql);
				$license=mysql_fetch_array($result);
				//check to see if any custom fields are activated
				$afcount=0;
				for($i=1;$i<6;$i++){
					$act="activated_$i";
					if($license[$act]=="true"){
						$afcount++;
					}
				}//end for
				//only display edit link if there are activated fields
				if($afcount>0){
				?>
					<a href="<?php print $PHP_SELF; ?>?loc=mem_down&file=<?php print $value['id']; ?>&faction=edit&ln=<?php print $licn; ?>">Edit</a> <b>|</b> 
				<?php
				}//end activated field check
			}//end check for paid license
			//DOWNLOAD LINK
			if($value['download']=='on'){
				if($timeleft>0){//check to make sure access time is left
					?><a href="dodownload.php?faction=load&file_id=<?php print $value['id']; print "&ln="; if($value['permissions']!='free') print "$licn"; ?>">Download</a><?php
				}
				else{
					?>Download Period Expired<?php
				}
				($value['permissions']!='free')?print " <b>|</b> <a href='".$PHP_SELF."?loc=mem_down&file=".$value['id']."&faction=renew&ln=".$licn."'>Renew</a>":print "";
			}
			else{
				print "Inactive";
			} 
			?></P></td>
		</tr>
		<tr>
			<td colspan="4" bgcolor="black"></td>
		</tr>
	<?php
	$content=ob_get_contents();//store content to global buffer var
	ob_end_clean();
	return $content;
}

//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\

/*
Return file's name, based on id parameter.
*/
function name($id){
	global $config;
	$sql="SELECT name FROM ".$config->dt['files']." WHERE id='".$id."'";
	$result=mysql_query($sql);
	$value=mysql_fetch_array($result);
	return $value['name'];
}

//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\
?>
